Permission Management

Understanding the 2-level permission system

6 min read

FreeMaint uses a granular permission system with 140+ individual permissions. Permissions are organized by module and follow the entity:action format for clarity.

How Permissions Work

FreeMaint uses a 2-level permission system that gives you flexibility in managing access:

Level 1: Level 1: Role Permissions

Permissions inherited automatically from the user's assigned role. All users with the same role have the same base permissions.

Level 2: Level 2: Additional Permissions

Extra permissions granted specifically to an individual user. These are added on top of the role permissions.

Tip

User's Permissions = Role Permissions + Additional Permissions

Example Scenario

Luigi is assigned the MANAGER role. By default, MANAGER does not include the "requests:approve" permission. However, you want Luigi to be able to approve intervention requests.

Solution:

Instead of creating a new role just for Luigi, you can add "requests:approve" as an additional permission specifically for his user account.

Result:

Luigi now has all MANAGER permissions PLUS the ability to approve requests.

How to Add Additional Permissions

Grant extra permissions to specific users without creating new roles.

  1. Navigate to People โ†’ Users in the sidebar
  2. Click on the user you want to modify
  3. Scroll down to the "Additional Permissions" section
  4. Check the permissions you want to grant to this user
  5. Click "Save" to apply changes

Tip

Only users with the "users:assign_roles" permission can modify additional permissions.

Permission Categories

Permissions are organized into categories for easier management:

Assets

Manage equipment and machinery

Work Orders

Create and manage maintenance tasks

Requests

Handle intervention requests

Parts

Manage inventory and spare parts

People

Manage users, teams, and roles

Locations

Manage sites and areas

Meters

Track readings and consumption

Preventive Maintenance

Schedule recurring maintenance

Settings

Configure system options

Permission Format

Permissions follow the format: entity:action

assets:create

Create new assets

assets:read

View assets

assets:update

Modify assets

assets:delete

Delete assets

requests:approve

Approve intervention requests

work_orders:assign

Assign work orders to users

When to Use Each Approach

Use Role Permissions When:

Multiple users need the same set of permissions

The permission need is permanent and role-based

You want to standardize access across a job function

Use Additional Permissions When:

Only one or few users need an extra capability

The need is temporary or exceptional

You don't want to create a new role for a small change

Troubleshooting

User can't access a feature they should have
  • โ€ข Check their role's permissions in People โ†’ Roles
  • โ€ข Verify no typos in additional permissions
  • โ€ข Ensure permissions are saved properly
  • โ€ข Ask user to log out and log back in
User has too much access
  • โ€ข Review their role assignment
  • โ€ข Check for unnecessary additional permissions
  • โ€ข Consider assigning a more restricted role

Want to learn more about the predefined roles?

View Roles Guide

Was this page helpful?